Migrating from Lastpass

I looked at Bitwarden last year RE migrating myself and my clients from Lastpass, but it was not viable due to missing features and functionality and the inability to migrate all data from lastpass.

i.e.

no way to migrate shares, permissions, TOTP’s, files, etc

bitwarden only supports importing the CSV that LastPass itself allows you to export, which doesn’t include any of the above.
I have more than 10 years worth of data to migrate, so I don’t fancy having to setup all those shares, permissions and TOTP’s by hand.

A few other niggly issues such as

  • cannot create folder at the same time as creating a new password. So you have to exit out of the password creation and go create the folder first.

  • issues with folder naming and navigation.
    if you try to save a password into a non existent path/folder, this would result in a password being created with path you entered as part of the name, including the slashes… causing lots of issues and confusion.
    e.g.
    the name of the saved item would be “my path/subfolder/title” instead of being called “title” and saving it to my path/subfolder.

  • and other interface issues that would be problematic for non technical users

has this changed at all in the last year does anyone know?
Or is there any alternative method of migrating the data from lastpass that cannot be exported?

This is entirely 100% a LastPass problem. They have no interest in helping or supporting you leaving their walled garden for BitWarden (or any other password manager). The same goes for Authy, one of the first TOTP managers. As far as I know, LP split their Authenticator product from their LP product, so the export and/or backup features of the Authenticator are where your focus should be for TOTP secrets.

As for attachments/files, unless you can automate a person viewing an entry and then downloading the attached files (browser macro/scriptlets?) and then keeping track of which file needs to get re-attached to which entries in BitWarden, there’s going to be some work needed there. Again, this is a lack of capability on the part of LastPass, not BitWarden. Storing passwords and credentials in Apple devices is equally problematic in that Apple does not offer a way to export anything from their iCloud Keychain or iCloud Passwords managers, locking you into their walled garden. You have to manually duplicate entering the passwords/information into BW. Good luck with capturing QR codes in multiple devices (e.g. PC and Android) if you’re using their Apple-only solution. That alone justifies the BW Premium plan, in my book and the TOTP sharing is just sprinkles on top of the dessert.

On the area of keeping track of the various LP entry types, that’s going to end up like a hot mess in BitWarden. BitWarden does not have those consumer-friendly entry types because, to be blunt, BitWarden is chasing corporate/enterprise customers who don’t need easy-to-use entry types for “Credit Card”, “Driver License”, “Insurance Card”, “WiFi”, “Remote Servers” (vs a URL), etc.

BitWarden also lacks an easy-to-use “Profiles” feature like LastPass. You can only simulate this with an Organization (in the Family Plan) for non-corporate consumers (i.e. regular people trying to keep their personal stuff safe online). There is a way, but it’s really complex, burdensome, and beyond the abilities of nearly all of their non-commercial customers.

If you can extract the TOTP secrets (i.e. an OTPauth URL), you can import them into BW somewhat easily. Unfortunately, the alternative is getting a new TOTP secret and capturing it with BW. Capturing QR codes is a real PITA if you’re not on a mobile device to start with.

Basically, when I did my migration, I had to export it in “chunks” (folders and separate entry types) and then import them into BW putting all of the new entries into the corresponding folder in BW, one by one.

That said, I got used to BitWarden pretty quickly, the learning curve as a regular user was not steep at all after the entries were in. The biggest feature for me was the seamless use across multiple devices and the inclusion of the TOTP capability (unfortunately, only at the paid levels of Premium or Family plans) into the core functionality of the apps and browser extensions was a huge plus.

I would still do it again if I had a do-over. Although I don’t have many attachments (mostly identity documents - DLs, insurance cards (where you need the back info), etc.), YMMV. I do very much want and am waiting for BW to deliver either custom entry types or equivalents to their competitors like LastPass.

Easing that migration with directly mapped entry types to their competitors would be a huge benefit to uptake from folks like me and you that are entrenched non-enterprise users (i.e. regular people) of some other password manager. BitWarden simply cannot convince people to move to BW with a cheaper price point.

IF, on the other hand, there was a simple migration that accurately migrated LastPass (or other password managers) exports and preserved our pet organization of entries, then the Premium price plan is a no-brainer because you get TOTP and all of the other competitor’s plans just to get multi-device capability are 4 times the price (~$10 vs ~$40). LastPass only offers TOTP as an extra-cost and separate product!

1 Like

thanks for the detailed answer… much more than I got from BW themselves. its rather like trying to get blood from a stone.

I also tried out the MSP plan last year, as I wanted to provide it to my clients. But all my clients are really IT illiterate, and I just concluded that they would struggle with it as it’s not user-friendly enough for non techie people. Which is the one thing LP does have going for it, despite its faults.
I just know the folder/naming issue is going to cause problems for those people.

its seems odd to have the free and family plans but then to make the product not very friendly to those type of end users.

Not sure what issue this is a reference to (maybe a LastPass specific issue?), but once you have properly conditioned the exported data, it should not be a problem to import directly into folders (without ending up with the folder path as part of the item name).

Furthermore, Bitwarden is close to rolling out item “labels”, which will replace folders altogether.

from my oriignal post above.

The above description is not accurate. You can import the following, and the (previously non-existent) folder newfolder will be created, containing an entry with the name title (not newfolder/title):

folder,favorite,type,name,notes,fields,reprompt,login_uri,login_username,login_password,login_totp
newfolder,,login,title,,,,,,,

 
Perhaps you are thinking of nested folders. In order for parent/child to be displayed in the GUI as a subfolder child that is nested under the parent folder parent, the parent folder must exist. If parent doesn’t exist as a vault folder, then the GUI will display a folder named parent/child as a top level folder with the name parent/child. If you subsequently create the folder parent, now the folder named parent/child will be displayed as a subfolder named child, nested under the top-level folder parent.

If it is inconvenient to manually create the top-level folders before or after import, you can have them created automatically during the import, by defining a dummy vault item in the parent folder that is not in any subfolder:

folder,favorite,type,name,notes,fields,reprompt,login_uri,login_username,login_password,login_totp
parent,,note,dummy,,,,,,,
parent/child,,login,title,,,,,,,

The “dummy” items can then easily be deleted from the vault (by searching for “dummy” and deleting all found items).

well it has been a year since I tested it, so that may be the case, but either way, whether its the folder name or the file names, it resulted in something unexpected.
However, I am 100% sure it wasn’t possible to create a new folder or sub-folder at the same time as you were saving a password. You had to stop what you were doing, exit out of the password save, go to folder management, create the folder or sub folder, then go through the save password process again.
Which usually meant resetting the password on the website, since you no longer had it, and then waiting for it to prompt you to save it again.
It was a PITA, thus why I am asking if anything has changed.

To answer your question: No, in the browser extension, it is not possible to create a new folder from the folder selection menu when creating/editing a login item. However, a workaround that would be much simpler than the cumbersome process you have described above, would be to simply save the item under “No Folder”, and afterwards create the folder and move the item.

I also found that it is much easier to add new logins to the vault without the “Ask to add login” option enabled: Just create and save the desired login credentials directly in the browser extension, then use the Autofill function to fill out the website registration form.

1 Like

problem is that that workaround probably isn’t doable for the average IT illiterate user. Who I fear will just end up saving the item in the wrong place and leaving it there.
the more extra steps you add, the less likley people are to use it properly, if at all.

Whatever solution I move to also has to be used by the rest of my family as well, so I have to consider them.
I also recommend my clients to use Lastpass up till now, as this allows me to share things with them, rather than sending via email. So I would ideally encourage my clients to also move to whatever solution I move to.
The fact that BW also has a free and a very cheap version makes it attractive, as it’s easy to get my clients to use it. But at the expense of usability it seems.

The “average IT illiterate user” probably doesn’t have a need for folders at all. With URL matching and autofill, there is rarely a need to browse through the vault contents.

Nonetheless, your desire for having the ability to create a new folder from the item edit interface is reasonable. Here is a Feature Request thread where you can vote or post comments to make your case:

yes you are probably right, those people will just save everything to the root anyway.
I just like to do everything I can to avoid support tickets from clients :slight_smile:

1 Like